[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f0qbsZvJs-YYf5JmzyeXj91OpBxUYM9bTlk0Hpetp2Kg":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":40,"analysis":151,"fingerprints":298},"taxonomy-term-widget","Taxonomy Term Widget","2.3.5","AddonsPress","https:\u002F\u002Fprofiles.wordpress.org\u002Faddonspress\u002F","\u003Cp>If you have already familiar with the Categories widget, then You are already familiar with it too.\u003Cbr \u002F>\nIt just lets you choose any taxonomy you have in your blog, for example, Tags, custom taxonomy ( Eg: Location, Product Categories, Product Tags etc… ).\u003C\u002Fp>\n","Add an advanced widget to your WordPress blog, like an extension of the Categories widget.",300,9253,100,4,"2024-11-12T14:34:00.000Z","6.7.5","3.0","",[20,21,22,23,24],"categories-widget","custom-taxonomy-widget","taxonomy","terms-widget","wordpress-taxonomy-term-widget","https:\u002F\u002Fwww.addonspress.com\u002Fwordpress-plugins\u002Ftaxonomy-term-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftaxonomy-term-widget.2.3.5.zip",92,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"addonspress",5,91800,93,221,74,"2026-04-04T15:32:03.813Z",[41,67,87,109,132],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":49,"downloaded":50,"rating":51,"num_ratings":52,"last_updated":53,"tested_up_to":54,"requires_at_least":55,"requires_php":56,"tags":57,"homepage":63,"download_link":64,"security_score":13,"vuln_count":65,"unpatched_count":28,"last_vuln_date":66,"fetched_at":30},"wp-categories-widget","WP Categories Widget","2.8.1","WP-EXPERTS.IN","https:\u002F\u002Fprofiles.wordpress.org\u002Findia-web-developer\u002F","\u003Cp>The “WP Categories Widget” is a simple plugin to display the list of categories for any taxonomies type (WooCommerce Product Category, Blog Category, Project Category…etc) on your wordpress website. Using WP Categries Widget you can display list of categories anywhere on your website. And also you can disable the widget block editor and enable the classic widget layut to edit the sidebar.\u003C\u002Fp>\n\u003Cp>Note : please don’t forget to leave your valuable feedback and suggestions.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Send your query to \u003Ca href=\"mailto:info@wp-experts.in\" rel=\"nofollow ugc\">AUTHOR\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Video Tutorial :\u003C\u002Fp>\n\u003Cp>\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FpbsnErpu_8U?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\u003C\u002Fp>\n\u003Ch4>`Features`\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Disable Widget Block Editor \u003C\u002Fli>\n\u003Cli>Display Categories Post Count \u003C\u002Fli>\n\u003Cli>Hide Child Categories\u003C\u002Fli>\n\u003Cli>Hide Widget Title\u003C\u002Fli>\n\u003Cli>Show Categories for Any Taxonomies Type\u003C\u002Fli>\n\u003Cli>Exclude\u002FInclude Categories\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Addon Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Display Category as Drop Down\u003C\u002Fli>\n\u003Cli>Display Category Posts\u003C\u002Fli>\n\u003Cli>Manage WP Widget Style (Background Color, Text Color, Border Style & Color)\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Add Custom CSS for every Widget\u003C\u002Fp>\n\u003Ch3>\u003Ca href=\"https:\u002F\u002Fwww.wp-experts.in\u002Fproducts\u002Fwp-categories-widget-addon\u002F?utm_source=wordpress.org&utm_medium=free-plugin&utm_campaign=wcw-paid\" rel=\"nofollow ugc\">Downalod Add-on\u003C\u002Fa>.\u003C\u002Fh3>\n\u003C\u002Fli>\n\u003C\u002Ful>\n","Display the list of categories for any taxonomies type (WooCommerce Product Category, Blog Category, Project Category...etc) in sidebar",7000,116450,90,27,"2026-02-16T14:20:00.000Z","6.9.4","6.0","8.0",[58,59,60,61,62],"category-widget","custom-widget","posts-widget","product-categories-widget","taxonomy-widget","https:\u002F\u002Fwww.wp-experts.in\u002Fproducts\u002Fwp-categories-widget-addon\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-categories-widget.zip",1,"2023-08-10 00:00:00",{"slug":68,"name":69,"version":70,"author":71,"author_profile":72,"description":73,"short_description":74,"active_installs":75,"downloaded":76,"rating":28,"num_ratings":28,"last_updated":77,"tested_up_to":78,"requires_at_least":17,"requires_php":18,"tags":79,"homepage":84,"download_link":85,"security_score":86,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"featured-custom-posts-widget","Featured Custom Posts Widget","1.1.0","linkhousemedia","https:\u002F\u002Fprofiles.wordpress.org\u002Flinkhousemedia\u002F","\u003Cp>This plugin was initially designed as a theme function but we thought it might come in handy for someone else.  It is designed to use the following plugins:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Fcustom-post-type-ui\u002F\" rel=\"ugc\">Custom Post Type UI\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Ftaxonomy-images\u002F\" rel=\"ugc\">Taxonomy Images\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Of course you can create your own custom post types and taxonomies but the Custom Post Type UI plugin makes very light work of it.\u003C\u002Fp>\n\u003Cp>The plugin creates a widget for adding featured posts. There are other plugins that do this but Featured Custom Posts allows for custom post types and taxonomies. It was created to show featured products that were created as custom post types.\u003C\u002Fp>\n\u003Cp>\u003Cem>Features\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Select number of posts to display (default: 10)\u003C\u002Fli>\n\u003Cli>Post Type\u003C\u002Fli>\n\u003Cli>Custom Taxonomy\u003C\u002Fli>\n\u003Cli>Custom Taxonomy Term\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>New In Version 1.1\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Added Permalink Base for post URL (Defaults to post’s GUID)\u003C\u002Fli>\n\u003Cli>Added Post Title as the link text if Taxonomy Images plugin isn’t present\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cem>Example Usage\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>Custom Post Type: “products”\u003Cbr \u002F>\nTaxonomy: “product-tags”\u003Cbr \u002F>\nTaxonomy Term: “featured”\u003C\u002Fp>\n\u003Cp>In this example our custom post type of “products” allows us to add products in a similar way to posts.  Now with our custom taxonomy of “product-tags” we can tag our products with the tag “featured”. Plug this information into the widget via the wp-admin area and you’re all set!\u003C\u002Fp>\n\u003Cp>\u003Cem>Future Updates\u003C\u002Fem>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Allow for multiple taxonomy terms\u003C\u002Fli>\n\u003Cli>Add thumbnail size support\u003C\u002Fli>\n\u003C\u002Ful>\n","Widget that allows custom post types and taxonomies to be displayed.  Works well with Custom Post Type UI and Taxonomy Images plugins.",20,4708,"2011-07-06T19:00:00.000Z","3.2.1",[80,21,81,82,83],"custom-post-type","featured-posts","featured-products","post-type-widget","http:\u002F\u002Fwordpress.org\u002Fextend\u002Fplugins\u002Ffeatured-custom-posts-widget\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffeatured-custom-posts-widget.1.1.0.zip",85,{"slug":88,"name":89,"version":90,"author":91,"author_profile":92,"description":93,"short_description":94,"active_installs":95,"downloaded":96,"rating":27,"num_ratings":97,"last_updated":98,"tested_up_to":54,"requires_at_least":99,"requires_php":100,"tags":101,"homepage":106,"download_link":107,"security_score":36,"vuln_count":14,"unpatched_count":28,"last_vuln_date":108,"fetched_at":30},"custom-post-type-ui","Custom Post Type UI","1.18.3","webdevstudios","https:\u002F\u002Fprofiles.wordpress.org\u002Fwebdevstudios\u002F","\u003Cp>Custom Post Type UI provides an easy-to-use interface for registering and managing custom post types and taxonomies for your website.\u003C\u002Fp>\n\u003Ch4>Custom Post Type UI Extended\u003C\u002Fh4>\n\u003Cp>CPTUI helps create custom content types, but displaying that content can be a whole new challenge. \u003Ca href=\"https:\u002F\u002Fpluginize.com\u002Fplugins\u002Fcustom-post-type-ui-extended\u002F?utm_source=cptui-desription&utm_medium=text&utm_campaign=wporg\" rel=\"nofollow ugc\">Custom Post Type UI Extended\u003C\u002Fa> was created to help with displaying your crafted content. \u003Ca href=\"https:\u002F\u002Fpluginize.com\u002Fcpt-ui-extended-features\u002F?utm_source=cptui-description-examples&utm_medium=text&utm_campaign=wporg\" rel=\"nofollow ugc\">View our Layouts page\u003C\u002Fa> to see available layout examples with Custom Post Type UI Extended.\u003C\u002Fp>\n\u003Ch4>Plugin development\u003C\u002Fh4>\n\u003Cp>Custom Post Type UI development is managed on GitHub, with official releases published on WordPress.org. The GitHub repo can be found at \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FWebDevStudios\u002Fcustom-post-type-ui\" rel=\"nofollow ugc\">https:\u002F\u002Fgithub.com\u002FWebDevStudios\u002Fcustom-post-type-ui\u003C\u002Fa>. Please use the WordPress.org support tab for potential bugs, issues, or enhancement ideas.\u003C\u002Fp>\n","Admin UI for creating custom content types like post types and taxonomies",1000000,22529808,273,"2026-01-08T20:43:00.000Z","6.6","7.4",[102,103,104,22,105],"content-types","custom-post-types","post-type","types","https:\u002F\u002Fgithub.com\u002FWebDevStudios\u002Fcustom-post-type-ui\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcustom-post-type-ui.1.18.3.zip","2025-12-12 00:00:00",{"slug":110,"name":111,"version":112,"author":113,"author_profile":114,"description":115,"short_description":116,"active_installs":117,"downloaded":118,"rating":51,"num_ratings":119,"last_updated":120,"tested_up_to":54,"requires_at_least":121,"requires_php":18,"tags":122,"homepage":127,"download_link":128,"security_score":129,"vuln_count":130,"unpatched_count":28,"last_vuln_date":131,"fetched_at":30},"taxonomy-terms-order","Category Order and Taxonomy Terms Order","1.9.4","nsp-code","https:\u002F\u002Fprofiles.wordpress.org\u002Fnsp-code\u002F","\u003Cp>Easily control the order of Categories and any hierarchical taxonomy with a simple drag-and-drop interface. Reorder parent and child terms visually in the admin and choose whether the plugin automatically applies your custom term order to front-end queries.\u003C\u002Fp>\n\u003Ch3>Key features\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Intuitive drag-and-drop reordering for Categories and all hierarchical taxonomies. \u003C\u002Fli>\n\u003Cli>Option to auto-apply the custom term order to front-end queries (no theme\u002Fplugin edits required). \u003C\u002Fli>\n\u003Cli>Keep the admin term lists in your new order (makes management and editorial workflows consistent). \u003C\u002Fli>\n\u003Cli>Works with multiple taxonomies per post type — switch between taxonomies from the same interface. \u003C\u002Fli>\n\u003Cli>Multisite aware and regularly updated for modern WordPress and PHP versions (see changelog for compatibility notes).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>How it works\u003C\u002Fh3>\n\u003Cp>After activating the plugin, a new Taxonomy Order page becomes available under the custom post type menu. Simply open it and drag terms into the exact order you want — including parent\u002Fchild hierarchy.\u003Cbr \u002F>\nUse the plugin’s Taxonomy Order screen to drag terms into the order you want. To apply the custom order automatically across your site, enable the Autosort option — the plugin will adjust term queries on the fly so your chosen order shows without template changes. If you prefer to control ordering in code, include orderby => ‘term_order’ when calling get_terms() to use the plugin’s order programmatically.\u003C\u002Fp>\n\u003Cp>This plugin is developed by \u003Ca href=\"http:\u002F\u002Fwww.nsp-code.com\" rel=\"nofollow ugc\">Nsp-Code\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>See the \u003Ca href=\"https:\u002F\u002Fwww.nsp-code.com\u002Fpremium-plugins\u002Fwordpress-plugins\u002Fadvanced-taxonomy-terms-order\u002F\" rel=\"nofollow ugc\">Advanced Taxonomy Terms Order\u003C\u002Fa> for advanced features.\u003C\u002Fp>\n\u003Ch3>Localization\u003C\u002Fh3>\n\u003Cp>Available in Catalan, Chinese (China), Chinese (Taiwan), Czech, Dutch, Dutch (Belgium), English (Australia), English (Canada), English (New Zealand), English (UK), English (US), French (France), Galician, German, Italian, Japanese, Norwegian (Bokmål), Polish, Portuguese (Portugal), Russian, Spanish (Chile), Spanish (Spain), Spanish (Venezuela), Swedish, and Turkish.\u003Cbr \u002F>\nWhant to contribute with a translation to your language? Please check at https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Ftaxonomy-terms-order\u003C\u002Fp>\n\u003Cp>There isn’t any Editors for your native language on plugin Contributors? You can help to moderate! https:\u002F\u002Ftranslate.wordpress.org\u002Fprojects\u002Fwp-plugins\u002Ftaxonomy-terms-order\u002Fcontributors\u003C\u002Fp>\n","Drag-and-drop ordering for Categories & any taxonomy (hierarchically) using a Drag and Drop Sortable JavaScript capability.",500000,9896783,162,"2026-02-19T17:40:00.000Z","2.8",[123,124,125,126],"categories-sort","category-order","taxonomy-order","terms-order","http:\u002F\u002Fwww.nsp-code.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ftaxonomy-terms-order.1.9.4.zip",99,2,"2018-02-22 00:00:00",{"slug":133,"name":134,"version":135,"author":136,"author_profile":137,"description":138,"short_description":139,"active_installs":140,"downloaded":141,"rating":51,"num_ratings":86,"last_updated":142,"tested_up_to":54,"requires_at_least":143,"requires_php":18,"tags":144,"homepage":149,"download_link":150,"security_score":13,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"categories-images","Categories Images","3.3.1","Zahlan","https:\u002F\u002Fprofiles.wordpress.org\u002Felzahlan\u002F","\u003Cp>The Categories Images is a WordPress plugin allow you to add image to category, tag or custom taxonomy.\u003C\u002Fp>\n\u003Cp>Use \u003Ccode>\u003C?php if (function_exists('z_taxonomy_image_url')) echo z_taxonomy_image_url(); ?>\u003C\u002Fcode> to get the url and put it in any img tag.\u003Cbr \u002F>\nOr simply use \u003Ccode>\u003C?php if (function_exists('z_taxonomy_image')) z_taxonomy_image(); ?>\u003C\u002Fcode> in (category or taxonomy) template.\u003C\u002Fp>\n\u003Ch4>REST API Support\u003C\u002Fh4>\n\u003Cp>Access term images via the WP REST API. The field \u003Ccode>z_taxonomy_image_url\u003C\u002Fcode> is automatically added to term objects.\u003C\u002Fp>\n\u003Ch4>Enhanced Shortcodes\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ccode>[z_taxonomy_image term_id=\"123\" size=\"medium\" link=\"yes\"]\u003C\u002Fcode> – Display a specific term image with a link.\u003C\u002Fli>\n\u003Cli>\u003Ccode>[z_taxonomy_list taxonomy=\"category\" style=\"grid\" columns=\"4\" show_name=\"yes\"]\u003C\u002Fcode> – Display a beautiful grid of terms with their images.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Elementor Integration\u003C\u002Fh4>\n\u003Cp>Use term images dynamically in Elementor via the native Dynamic Tags system.\u003C\u002Fp>\n\u003Ch4>Settings\u003C\u002Fh4>\n\u003Cp>Categories Images settings menu is now under Settings > Categories Images to avoid cluttering the main WordPress menu, the settings now is more organized with a dedicated documentation page that includes usage examples and shortcodes.\u003C\u002Fp>\n\u003Cp>From the settings menu, you can exclude any taxonomies from the plugin to avoid conflicts with other plugins like WooCommerce!\u003C\u002Fp>\n\u003Ch3>Documentation\u003C\u002Fh3>\n\u003Cp>Documentation is now available inside the plugin settings menu. for more information please visit the \u003Ca href=\"https:\u002F\u002Fzahlan.net\u002Fblog\u002F2012\u002F06\u002Fcategories-images\u002F\" rel=\"nofollow ugc\">Categories Images\u003C\u002Fa>.\u003C\u002Fp>\n","The Categories Images is a Wordpress plugin allow you to add image to category, tag or custom taxonomy.",50000,891623,"2025-12-21T00:35:00.000Z","4.0",[133,145,146,147,148],"category-image","category-thumb","tag-image","taxonomy-image","https:\u002F\u002Fzahlan.net\u002Fblog\u002Fcategories-images\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fcategories-images.3.3.1.zip",{"attackSurface":152,"codeSignals":176,"taintFlows":259,"riskAssessment":286,"analyzedAt":297},{"hooks":153,"ajaxHandlers":164,"restRoutes":173,"shortcodes":174,"cronEvents":175,"entryPointCount":130,"unprotectedCount":130},[154,160],{"type":155,"name":156,"callback":157,"file":158,"line":159},"action","widgets_init","coder_taxonomy_term_widget","taxonomy-term-widget.php",291,{"type":155,"name":161,"callback":162,"file":158,"line":163},"wp_footer","coder_taxonomy_term_widget_footer_assets",331,[165,170],{"action":166,"nopriv":167,"callback":168,"hasNonce":167,"hasCapCheck":167,"file":158,"line":169},"coder_taxonomy_term_widget_ajax",false,"coder_taxonomy_term_widget_ajax_callback",333,{"action":166,"nopriv":171,"callback":168,"hasNonce":167,"hasCapCheck":167,"file":158,"line":172},true,351,[],[],[],{"dangerousFunctions":177,"sqlUsage":178,"outputEscaping":180,"fileOperations":28,"externalRequests":28,"nonceChecks":28,"capabilityChecks":28,"bundledLibraries":258},[],{"prepared":28,"raw":28,"locations":179},[],{"escaped":181,"rawEcho":182,"locations":183},13,45,[184,187,189,190,191,192,193,195,196,198,199,201,203,204,206,208,209,211,213,214,216,218,220,221,223,224,226,228,229,231,232,234,236,237,239,241,242,244,246,247,248,250,252,254,256],{"file":158,"line":185,"context":186},95,"raw output",{"file":158,"line":188,"context":186},96,{"file":158,"line":188,"context":186},{"file":158,"line":129,"context":186},{"file":158,"line":13,"context":186},{"file":158,"line":13,"context":186},{"file":158,"line":194,"context":186},110,{"file":158,"line":194,"context":186},{"file":158,"line":197,"context":186},116,{"file":158,"line":197,"context":186},{"file":158,"line":200,"context":186},117,{"file":158,"line":202,"context":186},119,{"file":158,"line":202,"context":186},{"file":158,"line":205,"context":186},120,{"file":158,"line":207,"context":186},122,{"file":158,"line":207,"context":186},{"file":158,"line":210,"context":186},123,{"file":158,"line":212,"context":186},125,{"file":158,"line":212,"context":186},{"file":158,"line":215,"context":186},126,{"file":158,"line":217,"context":186},129,{"file":158,"line":219,"context":186},130,{"file":158,"line":219,"context":186},{"file":158,"line":222,"context":186},134,{"file":158,"line":222,"context":186},{"file":158,"line":225,"context":186},140,{"file":158,"line":227,"context":186},141,{"file":158,"line":227,"context":186},{"file":158,"line":230,"context":186},145,{"file":158,"line":230,"context":186},{"file":158,"line":233,"context":186},151,{"file":158,"line":235,"context":186},152,{"file":158,"line":235,"context":186},{"file":158,"line":238,"context":186},157,{"file":158,"line":240,"context":186},158,{"file":158,"line":240,"context":186},{"file":158,"line":243,"context":186},163,{"file":158,"line":245,"context":186},164,{"file":158,"line":245,"context":186},{"file":158,"line":37,"context":186},{"file":158,"line":249,"context":186},223,{"file":158,"line":251,"context":186},245,{"file":158,"line":253,"context":186},271,{"file":158,"line":255,"context":186},311,{"file":158,"line":257,"context":186},347,[],[260,277],{"entryPoint":261,"graph":262,"unsanitizedCount":65,"severity":276},"coder_taxonomy_term_widget_ajax_callback (taxonomy-term-widget.php:344)",{"nodes":263,"edges":274},[264,269],{"id":265,"type":266,"label":267,"file":158,"line":268},"n0","source","$_POST",346,{"id":270,"type":271,"label":272,"file":158,"line":257,"wp_function":273},"n1","sink","echo() [XSS]","echo",[275],{"from":265,"to":270,"sanitized":167},"medium",{"entryPoint":278,"graph":279,"unsanitizedCount":65,"severity":285},"\u003Ctaxonomy-term-widget> (taxonomy-term-widget.php:0)",{"nodes":280,"edges":283},[281,282],{"id":265,"type":266,"label":267,"file":158,"line":268},{"id":270,"type":271,"label":272,"file":158,"line":257,"wp_function":273},[284],{"from":265,"to":270,"sanitized":167},"low",{"summary":287,"deductions":288},"The \"taxonomy-term-widget\" plugin, version 2.3.5, presents a moderate security risk primarily due to its unprotected AJAX handlers. While the code demonstrates good practices by avoiding dangerous functions, using prepared statements for SQL queries, and having no known vulnerabilities in its history, the presence of two AJAX entry points without any authentication or capability checks creates a significant attack surface. Any authenticated user, potentially even those with lower privileges, could trigger these AJAX actions, leading to unintended consequences or further exploitation if vulnerabilities exist within these handlers.\n\nThe static analysis also reveals that a substantial portion (78%) of the plugin's output is not properly escaped. This is a concerning weakness, as it opens the door to Cross-Site Scripting (XSS) vulnerabilities. If user-supplied data or dynamic content is not correctly escaped before being displayed, an attacker could inject malicious scripts into the WordPress admin area or the frontend, impacting users or the site's integrity.\n\nDespite the lack of recorded CVEs, which suggests a history of responsible development or perhaps limited scope, the identified weaknesses in AJAX security and output escaping warrant careful attention. The plugin's strengths lie in its absence of dangerous functions and secure SQL handling. However, the unprotected entry points and poor output escaping are critical areas that need immediate remediation to improve the plugin's overall security posture.",[289,292,295],{"reason":290,"points":291},"Unprotected AJAX handlers",10,{"reason":293,"points":294},"High percentage of unescaped output",7,{"reason":296,"points":34},"Taint flows with unsanitized paths","2026-03-16T20:02:20.059Z",{"wat":299,"direct":308},{"assetPaths":300,"generatorPatterns":303,"scriptPaths":304,"versionParams":305},[301,302],"\u002Fwp-content\u002Fplugins\u002Ftaxonomy-term-widget\u002Fcss\u002Ftaxonomy-term-widget.css","\u002Fwp-content\u002Fplugins\u002Ftaxonomy-term-widget\u002Fjs\u002Ftaxonomy-term-widget.js",[],[302],[306,307],"taxonomy-term-widget\u002Fcss\u002Ftaxonomy-term-widget.css?ver=","taxonomy-term-widget\u002Fjs\u002Ftaxonomy-term-widget.js?ver=",{"cssClasses":309,"htmlComments":310,"htmlAttributes":311,"restEndpoints":321,"jsGlobals":322,"shortcodeOutput":323},[4],[],[312,313,314,315,316,317,318,319,320],"data-taxonomy","data-show-dropdown","data-show-counts","data-show-hierarchy","data-hide-empty","data-orderby","data-order","data-child-of","data-exclude",[],[],[]]